Hi;
How do I get the latest *Fedora* source code that can be used with git?
I have the kernel.org vanilla version working in git, but I would like to get the Fedora 11 version. I am trying to trace the SELinux implementation in Fedora.
I have downloaded kernel-2.6.29.4-167.fc11.src.rpm, if that is of any use. I can't get git clone to recognize it.
William Case wrote:
How do I get the latest *Fedora* source code that can be used with git?
I have the kernel.org vanilla version working in git, but I would like to get the Fedora 11 version. I am trying to trace the SELinux implementation in Fedora.
I have downloaded kernel-2.6.29.4-167.fc11.src.rpm, if that is of any use. I can't get git clone to recognize it.
I don't know that the fedora kernels are tracked in a public git repo. The folks on the fedora kernel list might know better though.
https://www.redhat.com/archives/fedora-kernel-list/
What is it that you'd like to do with git and the fedora kernels?
Hi Todd;
On Wed, 2009-07-22 at 17:39 -0400, Todd Zullinger wrote:
William Case wrote:
How do I get the latest *Fedora* source code that can be used with git?
I have the kernel.org vanilla version working in git, but I would like to get the Fedora 11 version. I am trying to trace the SELinux implementation in Fedora.
I have downloaded kernel-2.6.29.4-167.fc11.src.rpm, if that is of any use. I can't get git clone to recognize it.
I don't know that the fedora kernels are tracked in a public git repo. The folks on the fedora kernel list might know better though.
https://www.redhat.com/archives/fedora-kernel-list/
What is it that you'd like to do with git and the fedora kernels?
What I want to do is trace the implementation of SELinux; its modules; initiation; hooks etc. in Fedora. The Kernel.org version I have doesn't show SELinux coding.
I have been running SELinux in the last few versions of Fedora in permissive or disabled mode just to get it out of the way. In F11, I thought I would climb the learning curve and begin to use it.
There are many good tutorials and manuals out there, not the least of which are Fedora's own SELinux manual and the NSA's report. However none of them explain very well what is happening in the kernel. At least not as well as they could if I could see the code with my own eyes.
William Case wrote:
What I want to do is trace the implementation of SELinux; its modules; initiation; hooks etc. in Fedora. The Kernel.org version I have doesn't show SELinux coding.
Hmm, it should, as it is in the mainline kernel these days. I couldn't tell you much, but I think the kernel parts of selinux are found in security/selinux within the kernel source. From the kernel git tree:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=tree...
I have been running SELinux in the last few versions of Fedora in permissive or disabled mode just to get it out of the way. In F11, I thought I would climb the learning curve and begin to use it.
There are many good tutorials and manuals out there, not the least of which are Fedora's own SELinux manual and the NSA's report. However none of them explain very well what is happening in the kernel. At least not as well as they could if I could see the code with my own eyes.
Hopefully the code from above helps enlighten you. ;)
Also useful might be the selinux-policy packages. That's where the actual rules and policies are kept. The fedora-selinux-list might be able to provide more insight (surely more than I can :).
On Wed, 2009-07-22 at 19:13 -0400, Todd Zullinger wrote:
William Case wrote:
What I want to do is trace the implementation of SELinux; its modules; initiation; hooks etc. in Fedora. The Kernel.org version I have doesn't show SELinux coding.
Hmm, it should, as it is in the mainline kernel these days. I couldn't tell you much, but I think the kernel parts of selinux are found in security/selinux within the kernel source. From the kernel git tree:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=tree...
Thanks Todd.
I have been running SELinux in the last few versions of Fedora in permissive or disabled mode just to get it out of the way. In F11, I thought I would climb the learning curve and begin to use it.
There are many good tutorials and manuals out there, not the least of which are Fedora's own SELinux manual and the NSA's report. However none of them explain very well what is happening in the kernel. At least not as well as they could if I could see the code with my own eyes.
Hopefully the code from above helps enlighten you. ;)
The meat is in the policies as you have pointed out below. Unfortunately for me, I can get myself stuck with "Yea, but how does it do that?". Once I can answer that question, even if only superficially, I can comfortably move on to more significant issues.
Also useful might be the selinux-policy packages. That's where the actual rules and policies are kept. The fedora-selinux-list might be able to provide more insight (surely more than I can :).